Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
36e95ec621de0c4c9200881ca0c446c399f705f2b6d0312b766e3d78fde7e0a7
-
Size
360KB
-
Sample
221205-mr477sfd6z
-
MD5
34d456609d85569a2a968b74b8420b9b
-
SHA1
173e1c9a8738de287f0997cc9249a3d9fbbbaa58
-
SHA256
36e95ec621de0c4c9200881ca0c446c399f705f2b6d0312b766e3d78fde7e0a7
-
SHA512
988cee330c55c2c8a09c68739810c70bad71b73d14bee0740035a4bea344ccc2a4971cc961c4166792bfc04f3b3ce5c1f6ad225c4cd324fd7559d680246d351b
-
SSDEEP
6144:WLp2qUgX65Fpqsh4hXc4vt9YvEcd4MfkuxDTktpGa9:HFr4hXLkvEcd47WTkvGa9
Malware Config
Targets
-
-
Target
36e95ec621de0c4c9200881ca0c446c399f705f2b6d0312b766e3d78fde7e0a7
-
Size
360KB
-
MD5
34d456609d85569a2a968b74b8420b9b
-
SHA1
173e1c9a8738de287f0997cc9249a3d9fbbbaa58
-
SHA256
36e95ec621de0c4c9200881ca0c446c399f705f2b6d0312b766e3d78fde7e0a7
-
SHA512
988cee330c55c2c8a09c68739810c70bad71b73d14bee0740035a4bea344ccc2a4971cc961c4166792bfc04f3b3ce5c1f6ad225c4cd324fd7559d680246d351b
-
SSDEEP
6144:WLp2qUgX65Fpqsh4hXc4vt9YvEcd4MfkuxDTktpGa9:HFr4hXLkvEcd47WTkvGa9
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-